lp://staging/~lfaraone/pithos/password-permissions-fix
- Get this branch:
- bzr branch lp://staging/~lfaraone/pithos/password-permissions-fix
Branch merges
- Kevin Mehall: Pending requested
-
Diff: 104 lines (+62/-3)2 files modifiedbin/pithos (+3/-0)
pithos/PreferencesPithosDialog.py (+59/-3)
Related source package recipes
Related bugs
Related blueprints
Branch information
Recent revisions
- 158. By Luke Faraone
-
Handle o+rw in one run.
Previously didn't modify the config_perms value, so when we ORd it the second time the changes made the first time were not preserved.
- 157. By Luke Faraone
-
CVE-2011-1500: Fix password leak to local users through file permissions. (LP: #733307)
On start, check file permissions according to new rules as follows:
If the file is 0644 and if "unsafe_
permissions" is not True,
chmod 0600
If the file is world-readable and/or writable (but not exactly 0644) and if
"unsafe_permissions" is not True:
chmod o-rwTo override this new behavior, set unsafe_permissions to False in pithos.ini.
On new configuration file creation, set to 0600.
- 155. By Kevin Mehall
-
Apply patch for bug #706681 by Rick Spencer. Fixes "TypeError: could not convert argument to correct param type"
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp://staging/~kevin-mehall/pithos/trunk
